Validate all inputs into your methods. The regular expression methods in the System.Text.RegularExpressions namespace are useful for confirming that input is of the correct form, such as an e-mail address.

Do not display exception information: it provides any would-be attacker with valuable clues.

Ensure that your application works while running with the least possible permissions. Few applications require that a user be logged in as an administrator.

Use caution when you use delegates passed from outside your application.

Run the Visual Studio code analysis tool on your assemblies to ensure compliance with Microsoft .NET Framework Design Guidelines. This tool can also find and warn against over 200 code defects. For more information, see Detecting and Correcting Managed Code Defects.